ChestnutCMS Arbitrary File Deletion Vulnerability

An arbitrary file deletion vulnerability has been identified in ChestnutCMS versions through 1.5.0. The issue resides in the contentcore.controller.FileController, where attackers can delete any file or folder.

Impact

Exploitation of this vulnerability allows for the unauthorized deletion of files and folders on the server.